rack-utf8_sanitizer 1.2.1 → 1.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. checksums.yaml +13 -5
  2. data/CHANGELOG.md +24 -0
  3. data/README.md +1 -1
  4. data/lib/rack/utf8_sanitizer.rb +3 -8
  5. data/rack-utf8_sanitizer.gemspec +2 -1
  6. data/test/test_utf8_sanitizer.rb +11 -0
  7. metadata +27 -12
checksums.yaml CHANGED
@@ -1,7 +1,15 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: be92627f205eac2e80ab554ad5add8ca2a084026
4
- data.tar.gz: 5325281ed65e1e17d74cabbb75df877e0387e2e8
2
+ !binary "U0hBMQ==":
3
+ metadata.gz: !binary |-
4
+ NzExYTVlMDA4NWYyMTdiMTUzYjVlMjk1N2NjZGRiODQ1NWQ5ZTJmNA==
5
+ data.tar.gz: !binary |-
6
+ MGZjMzRmYTVhZmYwNWMzNGM3YzcyOGMyMzRlMjcyODgyMTE3MmM2Ng==
5
7
  SHA512:
6
- metadata.gz: a3cc3842501b3c7e7bd4da92ae81432a6b6d014ab4af8a828a4269d781554fdb774e6c7fe3dd19ea582d959ea8d3093abc1984882587aede7084bf6e3381c10c
7
- data.tar.gz: 108c557d20ce9c4716ae5d89fcd2878b8eb6ef3cd8a359d3e240a2cef575ef9a69a9cd129f8ab00bbde5628badb5f4d7f3f374badcaa04693162fa2f40531ac0
8
+ metadata.gz: !binary |-
9
+ Y2JiOWI0YjJhN2RkZDhkZGYwMjI5NWQyNDA1OThjOGIwNmY3Nzc3NGUzNTM2
10
+ Mjk1YzlhZjI5NTUwZjhjYWQ3OTNjNGY1YjA2OTc5NTYwODY5MDk0MjMwM2Yy
11
+ NDIyZGUwYTYzNTdhMDBjZmEyMjQxNTYzMzQwYzBmMTI2NzIxZTY=
12
+ data.tar.gz: !binary |-
13
+ NmNlYjBkODg3NzMyZmViYzkwZDg5OWFhNWY0M2UxZmY2YjJiYWY2ZjdiNWE2
14
+ OTkxMDNlMDg0OTQxMzZhNTg0NWM0YmMwYzUwN2Q4MmI1YzVjNzNiNzI5YmI0
15
+ NWYyY2M0MTQxZmRjYjAzNjY3ZmQ5ZjI3N2QxZTZkMjRlNWE5NzY=
data/CHANGELOG.md ADDED
@@ -0,0 +1,24 @@
1
+ Changelog
2
+ =========
3
+
4
+ Master
5
+ -------------------------
6
+
7
+ API modifications:
8
+
9
+ Features implemented:
10
+
11
+ Bugs fixed:
12
+
13
+ v1.2.2 (2014-07-10)
14
+ -------------------------
15
+
16
+ Features implemented:
17
+ * Sanitize request body for all HTTP verbs. (Nathaniel Talbott, #15)
18
+ * Add `application/json` and `text/javascript` as sanitizable content types. (Benjamin Fleischer, #12)
19
+
20
+ Bugs fixed:
21
+ * Ensure Rack::UTF8 Sanitizer is first middleware. (Aaron Renner, #13)
22
+
23
+ v1.2.1 (2014-05-27)
24
+ -------------------------
data/README.md CHANGED
@@ -19,7 +19,7 @@ Or install it yourself as:
19
19
  For Rails, add this to your `application.rb`:
20
20
 
21
21
  ``` ruby
22
- config.middleware.insert_before "Rack::Runtime", Rack::UTF8Sanitizer
22
+ config.middleware.insert 0, Rack::UTF8Sanitizer
23
23
  ```
24
24
 
25
25
  For Rack apps, add this to `config.ru`:
data/lib/rack/utf8_sanitizer.rb CHANGED
@@ -26,17 +26,12 @@ module Rack
26
26
  SANITIZABLE_CONTENT_TYPES = %w(
27
27
  text/plain
28
28
  application/x-www-form-urlencoded
29
+ application/json
30
+ text/javascript
29
31
  )
30
32
 
31
- # MRI-optimization
32
- POST = 'POST'
33
- PUT = 'PUT'
34
-
35
33
  def sanitize(env)
36
- request_method = env['REQUEST_METHOD']
37
- if request_method == POST || request_method == PUT
38
- sanitize_rack_input(env)
39
- end
34
+ sanitize_rack_input(env)
40
35
  env.each do |key, value|
41
36
  if URI_FIELDS.include?(key)
42
37
  env[key] = transfer_frozen(value,
data/rack-utf8_sanitizer.gemspec CHANGED
@@ -2,7 +2,7 @@
2
2
 
3
3
  Gem::Specification.new do |gem|
4
4
  gem.name = "rack-utf8_sanitizer"
5
- gem.version = '1.2.1'
5
+ gem.version = '1.2.2'
6
6
  gem.authors = ["Peter Zotov"]
7
7
  gem.email = ["whitequark@whitequark.org"]
8
8
  gem.description = %{Rack::UTF8Sanitizer is a Rack middleware which cleans up } <<
@@ -21,4 +21,5 @@ Gem::Specification.new do |gem|
21
21
 
22
22
  gem.add_development_dependency "bacon"
23
23
  gem.add_development_dependency "bacon-colored_output"
24
+ gem.add_development_dependency "rake"
24
25
  end
data/test/test_utf8_sanitizer.rb CHANGED
@@ -186,6 +186,17 @@ describe Rack::UTF8Sanitizer do
186
186
  end
187
187
  end
188
188
 
189
+ it "sanitizes StringIO rack.input on GET" do
190
+ input = "foo=bla&quux=bar"
191
+ @rack_input = StringIO.new input
192
+
193
+ sanitize_form_data(request_env.merge("REQUEST_METHOD" => "GET")) do |sanitized_input|
194
+ sanitized_input.encoding.should == Encoding::UTF_8
195
+ sanitized_input.should.be.valid_encoding
196
+ sanitized_input.should == input
197
+ end
198
+ end
199
+
189
200
  it "sanitizes StringIO rack.input with bad encoding" do
190
201
  input = "foo=bla&quux=bar\xED"
191
202
  @rack_input = StringIO.new input
metadata CHANGED
@@ -1,55 +1,69 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-utf8_sanitizer
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.2.1
4
+ version: 1.2.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Peter Zotov
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-05-27 00:00:00.000000000 Z
11
+ date: 2014-07-10 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rack
15
15
  requirement: !ruby/object:Gem::Requirement
16
16
  requirements:
17
- - - "~>"
17
+ - - ~>
18
18
  - !ruby/object:Gem::Version
19
19
  version: '1.0'
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
- - - "~>"
24
+ - - ~>
25
25
  - !ruby/object:Gem::Version
26
26
  version: '1.0'
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: bacon
29
29
  requirement: !ruby/object:Gem::Requirement
30
30
  requirements:
31
- - - ">="
31
+ - - ! '>='
32
32
  - !ruby/object:Gem::Version
33
33
  version: '0'
34
34
  type: :development
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
- - - ">="
38
+ - - ! '>='
39
39
  - !ruby/object:Gem::Version
40
40
  version: '0'
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: bacon-colored_output
43
43
  requirement: !ruby/object:Gem::Requirement
44
44
  requirements:
45
- - - ">="
45
+ - - ! '>='
46
46
  - !ruby/object:Gem::Version
47
47
  version: '0'
48
48
  type: :development
49
49
  prerelease: false
50
50
  version_requirements: !ruby/object:Gem::Requirement
51
51
  requirements:
52
- - - ">="
52
+ - - ! '>='
53
+ - !ruby/object:Gem::Version
54
+ version: '0'
55
+ - !ruby/object:Gem::Dependency
56
+ name: rake
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - ! '>='
60
+ - !ruby/object:Gem::Version
61
+ version: '0'
62
+ type: :development
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - ! '>='
53
67
  - !ruby/object:Gem::Version
54
68
  version: '0'
55
69
  description: Rack::UTF8Sanitizer is a Rack middleware which cleans up invalid UTF8
@@ -60,8 +74,9 @@ executables: []
60
74
  extensions: []
61
75
  extra_rdoc_files: []
62
76
  files:
63
- - ".gitignore"
64
- - ".travis.yml"
77
+ - .gitignore
78
+ - .travis.yml
79
+ - CHANGELOG.md
65
80
  - Gemfile
66
81
  - LICENSE.txt
67
82
  - README.md
@@ -78,12 +93,12 @@ require_paths:
78
93
  - lib
79
94
  required_ruby_version: !ruby/object:Gem::Requirement
80
95
  requirements:
81
- - - ">="
96
+ - - ! '>='
82
97
  - !ruby/object:Gem::Version
83
98
  version: '1.9'
84
99
  required_rubygems_version: !ruby/object:Gem::Requirement
85
100
  requirements:
86
- - - ">="
101
+ - - ! '>='
87
102
  - !ruby/object:Gem::Version
88
103
  version: '0'
89
104
  requirements: []